Dixons Carphone reveals data breach affecting 5.9 million customers

Daniel Fowler
June 14, 2018

If there is a serious breach of your personal data that is likely to result in a high risk to your rights and freedoms, in most circumstances the company is obligated under GDPR to tell you without undue delay.

Millions of Dixons Carphone customers have had their financial and personal data illegally accessed after a major breach at the United Kingdom company.

Dixons Carphone has revealed it has been hit by a huge data breach.

The breach appears to have taken place "in one of the processing systems of Currys PC World and Dixons Travel stores", the company said.

The personal data records accessed contained non-financial personal data, such as name, address or email address, but there was no evidence of fraud here either.

These figures make it one of the largest data breaches involving a United Kingdom company, emerging just weeks after the GDPR data-protection legislation came into effect.

While the breach took place last July, Dixons Carphone only realised that it had occurred in the last week and the notification delay of nearly a year was not a case of the firm covering up the fact, allegedly. Pretax profit will drop to about 300 million pounds in the year ending April 2019, Dixons Carphone said.

Trump's trade adviser apologises for comments on Trudeau
Our economies are integrated", said Gallant. "Canada does not conduct its diplomacy through ad hominem attacks". Trudeau kept silence after the personal attacks.

They claim stolen data is not believed to have left internal systems, but are advising customers to take protective steps anyway.

Dixons Carphone has informed the relevant authorities, including the Information Commissioner's Office and Financial Conduct Authority, but stresses that 5.8 million card details are still protected by Chip-and-PIN systems.

Pin codes, card verification values (CVV), and authentication data enabling holder identification or purchases were not stored in the data.

The company said that of the cards not secured with chip and pin, none were reported to have been misused, the rest of the cards should be secure. "We have no evidence of any fraud on these cards as a result of this incident".

In a statement about the breach, Dixons Carphone chief executive, Alex Baldock, said: "We are extremely disappointed and sorry for any upset this may cause". Again, Dixons said there was no evidence that it had resulted in any fraud.

The ICO has the power to fine Dixons Carphone, as it did in January when it issued a £400,000 penalty over a separate breach.

The breach was now being investigated by police, it said, while regulators had also been informed.

Other reports by

Discuss This Article